15-07-2021
Monomial evaluation of polynomial functions protected by threshold implementations—with an illustration on AES
—
- Extended version -
Published in: Cryptography and Communications | Issue 4/2021
Log inActivate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Abstract
AES
block cipher, the challenging part is to minimise both the number of steps (or cycles) and the consumption of randomness. In this paper, we combine the changing of the guards technique published by Daemen at CHES 2017 (which reduces the need for fresh randomness) with the work of Genelle et al. at CHES 2011 (which combines additive masking and multiplicative one) to propose a new TI which does not consume fresh randomness and which is efficient (in terms of cycles) for classical block ciphers. As an illustration, we develop our proposal for the AES
, and more specifically its SBox implemented thanks to a finite field exponentiation. In this particular context, we argue that our proposal is a valuable alternative to the state of the art solutions. More generally, it has the advantage of being easily applicable to the evaluation of any polynomial function, which was usually not the case of previous solutions.